Score:0

Which DS record will a validator choose when there are multiple valid DS records?

cn flag

If there are multiple DS records with each using a different but RFC-compliant algorithm and digest type, is there any way to predict how real world validators will select one?

I've tried to, for example, to review what the default behavior BIND would be, but I'm not familiar enough to know where to start to understand how it would resolve.

Example:

A zone has the following valid DS record algorithm and digest types:

Algorithm Digest type
13 2
7 2
8 4

How does a validator choose which DS record to use?

jp flag
Does this answer your question? [Multiple DS records](https://serverfault.com/questions/789805/multiple-ds-records)
Paul avatar
cn flag
@EsaJokinen No, that question only has an answer stating that it is within RFC to have multiple record sets and having an invalid or "orphan" DS record does not invalidate other records, as seemed the concern of the question. Please see my update attempting to clarify my question.
anx avatar
fr flag
anx
The premise of this question appears to be that validators do select one record (first or only) with meaningful effect on considering arbitrary valid paths.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.